Certificate
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/Q1lOVdyWy5uYClKqY35IqNhzicA.cer
File: Q1lOVdyWy5uYClKqY35IqNhzicA.cer (raw, json)
Hash identifier: 1+6m/P0EKAgKADOhNT+PqnSWCrWchMdOsRMzBJYwpiQ=
Subject key identifier: 43:59:4E:55:DC:96:CB:9B:98:0A:52:AA:63:7E:48:A8:D8:73:89:C0
Authority key identifier: 2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
Certificate issuer: /CN=2a94a8dd554ae701072099c70b6407555ddde669
Certificate serial: 018CC4253490B3221196BE1D2196EDF0F08A
Authority info access: rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Manifest: rsync://rpki.ripe.net/repository/DEFAULT/d5/85e125-85d6-43f0-98bf-d8fa0eda3abe/1/Q1lOVdyWy5uYClKqY35IqNhzicA.mft
caRepository: rsync://rpki.ripe.net/repository/DEFAULT/d5/85e125-85d6-43f0-98bf-d8fa0eda3abe/1/
Notify URL: https://rrdp.ripe.net/notification.xml
Certificate not before: Mon 01 Jan 2024 08:30:21 +0000
Certificate not after: Tue 01 Jul 2025 00:00:00 +0000
Subordinate resources: AS: 35193
IP: 5.145.120.0/21
IP: 85.239.160.0/19
IP: 2a00:b200::/32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:34:90:b3:22:11:96:be:1d:21:96:ed:f0:f0:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2a94a8dd554ae701072099c70b6407555ddde669
Validity
Not Before: Jan 1 08:30:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=43594e55dc96cb9b980a52aa637e48a8d87389c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:47:32:ae:3e:f0:7e:be:0a:4d:ad:e3:3a:a6:
b7:f2:08:47:4d:fa:65:87:10:d2:c6:38:1e:95:d7:
a9:ca:69:63:96:00:72:88:b7:86:d6:7b:7a:ac:e2:
5d:18:c8:9e:13:54:b4:20:bc:75:a1:47:9f:75:db:
f5:d8:57:20:41:48:8c:16:77:dc:cc:40:5a:3a:86:
01:70:2f:6f:3b:07:5b:5a:08:60:70:78:78:6b:84:
9a:9a:d8:61:ab:12:fd:b4:b6:3d:c5:f2:dc:0c:94:
b4:66:19:82:27:11:47:16:48:84:4b:15:c5:6f:31:
85:70:88:1f:9e:bc:69:25:c2:49:8c:63:e5:44:32:
21:ed:34:75:48:2e:ad:42:a6:bf:aa:93:08:56:27:
db:14:74:73:09:c0:1c:86:7b:98:e7:ed:2d:03:ef:
fc:b5:a7:ab:d8:0f:40:f5:fb:85:1c:b3:e9:16:1e:
7a:ce:a7:90:9d:7b:e5:97:0d:90:da:e6:b6:2b:62:
f2:95:59:38:32:9b:e0:5d:f9:bc:dd:8e:15:98:d4:
12:d8:36:8f:f3:f5:ce:a8:9a:9d:7f:60:fe:4c:bd:
40:de:be:ee:5d:a6:46:39:71:31:9c:8a:60:75:9c:
ea:08:fe:4d:7a:01:70:66:c6:61:27:47:b3:6e:23:
cf:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:59:4E:55:DC:96:CB:9B:98:0A:52:AA:63:7E:48:A8:D8:73:89:C0
X509v3 Authority Key Identifier:
keyid:2A:94:A8:DD:55:4A:E7:01:07:20:99:C7:0B:64:07:55:5D:DD:E6:69
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
Subject Information Access:
CA Repository - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85e125-85d6-43f0-98bf-d8fa0eda3abe/1/
RPKI Manifest - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/85e125-85d6-43f0-98bf-d8fa0eda3abe/1/Q1lOVdyWy5uYClKqY35IqNhzicA.mft
RPKI Notify - URI:https://rrdp.ripe.net/notification.xml
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.145.120.0/21
85.239.160.0/19
IPv6:
2a00:b200::/32
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
35193
Signature Algorithm: sha256WithRSAEncryption
a0:95:e8:fb:09:87:cd:78:3a:34:ad:ad:25:fe:69:a6:4a:4f:
de:30:33:e1:92:f4:6d:cc:e8:d2:97:b1:c0:72:bd:1e:f6:72:
c0:00:6f:0e:af:6d:b8:15:af:eb:a8:34:97:83:e1:4b:a8:11:
14:ab:e4:fd:fb:fb:bf:32:f4:d4:08:cc:03:92:ee:59:0a:87:
a2:be:32:d9:71:14:49:8d:ec:ed:13:40:39:9a:f5:7c:60:e2:
d3:23:d3:a4:39:55:48:72:a1:73:32:70:07:6f:84:15:4d:b4:
af:4b:ae:0c:27:e6:0c:a4:9b:b8:25:15:e2:b0:20:10:f2:4f:
99:c4:e3:b7:4a:d4:55:8b:39:02:fb:ac:e9:73:95:06:cc:17:
d0:78:3d:b6:3b:cf:be:67:93:f7:97:e0:a5:e4:27:6b:af:2a:
46:35:77:29:93:66:01:91:3a:f9:bd:09:12:5e:58:7c:a4:31:
6e:d3:2f:3d:4c:fb:0a:ed:1c:9c:49:be:dd:76:41:90:40:cb:
67:88:a6:01:b7:81:64:5d:5e:5c:e6:9b:40:7f:01:2f:89:38:
af:60:6a:db:38:d9:09:fb:e8:a6:9f:10:e6:54:da:6c:4f:58:
1c:53:a4:67:d3:dc:dc:0e:b1:bd:a2:e4:15:a5:15:38:b9:78:
1b:93:13:15
-----BEGIN CERTIFICATE-----
MIIFqTCCBJGgAwIBAgISAYzEJTSQsyIRlr4dIZbt8PCKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhOTRhOGRkNTU0YWU3MDEwNzIwOTljNzBiNjQwNzU1NWRk
ZGU2NjkwHhcNMjQwMTAxMDgzMDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MzU5NGU1NWRjOTZjYjliOTgwYTUyYWE2MzdlNDhhOGQ4NzM4OWMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskcyrj7wfr4KTa3jOqa38ghHTfpl
hxDSxjgeldepymljlgByiLeG1nt6rOJdGMieE1S0ILx1oUefddv12FcgQUiMFnfc
zEBaOoYBcC9vOwdbWghgcHh4a4SamthhqxL9tLY9xfLcDJS0ZhmCJxFHFkiESxXF
bzGFcIgfnrxpJcJJjGPlRDIh7TR1SC6tQqa/qpMIVifbFHRzCcAchnuY5+0tA+/8
taer2A9A9fuFHLPpFh56zqeQnXvllw2Q2ua2K2LylVk4MpvgXfm83Y4VmNQS2DaP
8/XOqJqdf2D+TL1A3r7uXaZGOXExnIpgdZzqCP5NegFwZsZhJ0ezbiPPAQIDAQAB
o4ICtTCCArEwHQYDVR0OBBYEFENZTlXclsubmApSqmN+SKjYc4nAMB8GA1UdIwQY
MBaAFCqUqN1VSucBByCZxwtkB1Vd3eZpMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0P
AQH/BAQDAgEGMGAGCCsGAQUFBwEBBFQwUjBQBggrBgEFBQcwAoZEcnN5bmM6Ly9y
cGtpLnJpcGUubmV0L3JlcG9zaXRvcnkvYWNhL0twU28zVlZLNXdFSElKbkhDMlFI
VlYzZDVtay5jZXIwggEjBggrBgEFBQcBCwSCARUwggERMF0GCCsGAQUFBzAFhlFy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2Q1Lzg1ZTEy
NS04NWQ2LTQzZjAtOThiZi1kOGZhMGVkYTNhYmUvMS8wfAYIKwYBBQUHMAqGcHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZDUvODVlMTI1
LTg1ZDYtNDNmMC05OGJmLWQ4ZmEwZWRhM2FiZS8xL1ExbE9WZHlXeTV1WUNsS3FZ
MzVJcU5oemljQS5tZnQwMgYIKwYBBQUHMA2GJmh0dHBzOi8vcnJkcC5yaXBlLm5l
dC9ub3RpZmljYXRpb24ueG1sMFkGA1UdHwRSMFAwTqBMoEqGSHJzeW5jOi8vcnBr
aS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvS3BTbzNWVks1d0VISUpuSEMy
UUhWVjNkNW1rLmNybDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDQGCCsGAQUF
BwEHAQH/BCUwIzASBAIAATAMAwQDBZF4AwQFVe+gMA0EAgACMAcDBQAqALIAMBoG
CCsGAQUFBwEIAQH/BAswCaAHMAUCAwCJeTANBgkqhkiG9w0BAQsFAAOCAQEAoJXo
+wmHzXg6NK2tJf5ppkpP3jAz4ZL0bczo0pexwHK9HvZywABvDq9tuBWv66g0l4Ph
S6gRFKvk/fv7vzL01AjMA5LuWQqHor4y2XEUSY3s7RNAOZr1fGDi0yPTpDlVSHKh
czJwB2+EFU20r0uuDCfmDKSbuCUV4rAgEPJPmcTjt0rUVYs5Avus6XOVBswX0Hg9
tjvPvmeT95fgpeQna68qRjV3KZNmAZE6+b0JEl5YfKQxbtMvPUz7Cu0cnEm+3XZB
kEDLZ4imAbeBZF1eXOabQH8BL4k4r2Bq2zjZCfvopp8Q5lTabE9YHFOkZ9Pc3A6x
vaLkFaUVOLl4G5MTFQ==
-----END CERTIFICATE-----
Generated at Fri May 3 10:13:33 2024 by rpki-client on console-fra.rpki-client.org